<?php
	if(isset($_SESSION['admin_id']))header('location:?mod=chaomung');
	if(count($_POST)>0)
	{
		//$secret='teo';
		$user=$_POST['user'];
                $pass=$_POST['pass'];
		//$pass=sha1($_POST['pass']);
		//$pass=sha1($pass.$secret);
		$sql="SELECT * 	FROM `admin` 	WHERE `name` = '$user' 	AND `pass` = '$pass'";
		$rs=mysqli_query($conn,$sql);
		if(mysqli_num_rows($rs)>0)
		{
			$r=mysqli_fetch_assoc($rs);
			$_SESSION['admin_id']=$r['id'];
			$_SESSION['admin_name']=$r['name'];
			header('location:?mod=chaomung');
		}
		else
			echo 'Username hoặc Password không đúng !';
	}
?>
<form id="form1" name="form1" method="post" action="">
  <table width="400" border="0" align="center" cellpadding="5" style="width:400px; margin:auto">
  <tr>
    <td width="95">Username</td>
    <td width="279"><input value="" type="text" name="user" id="user" /></td>
  </tr>
  <tr>
    <td>Password </td>
    <td><input value="" type="password" name="pass" id="pass" /></td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td><input type="submit" name="submit" id="submit" value="Đăng nhập" />
      <input name="url" type="hidden" id="url" value="<?php echo $url; ?>" /></td>
  </tr>
</table>
</form>